Senior Cloud Security Engineer

Who we are  We simplify wealth creation. Founded in 2014 in Vienna, Austria by Eric Demuth, Paul Klanschek and Christian Trummer, we’re here to help people trust themselves enough to build their financial freedom — for now and the future. Our user-friendly, trade-everything platform empowers both first-time investors and seasoned experts to invest in the cryptocurrencies, crypto indices, stocks, precious metals and commodities they want — with any sized budget, 24/7. Our global team works across different cultures and time zones, bringing our products to more than 7 million customers, making us one of Europe’s safest and most secure platforms that powers modern investing.   Headquartered in Austria but operating across Europe, our products are built by fast-moving, talented, “roll-up-your-sleeves-and-make-it-happen” kind of people. It’s these diverse perspectives and innovative minds operating as ONE TEAM that keep Bitpanda at the cutting edge of our industry. So if you’re someone who thinks big, moves fast and wants to make an impact right from day one, then get ready to join our industry-changing team. Let’s go!  Your Mission We are looking for a Senior Cloud Security Engineer with a strong DevSecOps mindset, someone who embeds security into the engineering lifecycle, builds automation that eliminates manual overhead, and works closely with development teams to make secure-by-default the standard. In this role, you will secure our cloud infrastructure, own our CI/CD security posture, and develop tooling that scales with our engineering organisation.   What You’ll Do Cloud Security Architecture: Design and maintain secure, highly available infrastructure on AWS. Apply zero-trust principles across our cloud and network perimeter Security Automation & Tooling: Develop custom automation scripts and tooling (using Python, Go, or Bash) to monitor compliance, eliminate manual operational overhead, and contextualize findings from detection systems. DevSecOps & CI/CD Integration: Embed automated security controls into CI/CD pipelines using GitOps principles, GitHub Actions/GitLab CI, and Infrastructure as Code (Terraform, AWS CDK). Own the security gates that ship with every deployment. Security Enablement: Serve as the security SME for engineering, running threat modeling sessions, reviewing architectures, and translating security requirements into development tasks. AI-Driven Security: Leverage Agentic AI, LLMs, and frameworks (like AWS Bedrock) to build internal tools for automated vulnerability detection and secret scanning (e.g., detecting leaked PII or security misconfigurations).   Who You Are Experience: 4+ years of hands-on experience in Cloud Security, DevSecOps, or Site Reliability Engineering (SRE) with a strong security focus. Cloud Expertise: Deep knowledge of AWS services, specifically IAM, EC2, ECS, EKS, VPC, Lambda, and Security services (e.g., GuardDuty, SecurityHub CSPM, Amazon Inspector, etc.). Proven ability to secure complex cloud and hybrid network architectures. Understanding of IaaS, PaaS, SaaS cloud deployment models, and shared responsibility models. Programming & Scripting: Strong proficiency in Python, Go, and Bash. Comfortable writing production-grade code and interacting with APIs. Infrastructure & Containers: Hands-on experience securing Docker containers, Kubernetes (EKS), and deploying policy and infrastructure as code via declarative tools such as Terraform and Helm. Communication: Excellent ability to translate complex security requirements into actionable development plans for cross-functional teams. What’s in it for you Flexibility to work where you thrive – Enjoy the freedom of our Hybrid working model, combining onsite collaboration and remote work, with an additional 25 days per year to work from a city or country of your choice. Reward for your impact – Receive a competitive total compensation package aligned with Bitpanda’s pay-for-impact policy, including participati...